Context Navigation

login_include.php

Revision 703, 4.7 KB (checked in by brieb, 2 years ago)
Rearranged payment processing routine to be more flexible. It now needs to save the sales order first Added payment processing template so developers have a guide when putting together their payment scripts It seems their might be some unintentional touching of other files in this commit;
Property svn:keywords set to `LastChangedBy LastChangedDate LastChangedRevision`

Line
1	<?php
2	/*
3	$Rev$ \| $LastChangedBy$
4	$LastChangedDate$
5	+-------------------------------------------------------------------------+
6	\| Copyright (c) 2004 - 2010, Kreotek LLC \|
7	\| All rights reserved. \|
8	+-------------------------------------------------------------------------+
9	\| \|
10	\| Redistribution and use in source and binary forms, with or without \|
11	\| modification, are permitted provided that the following conditions are \|
12	\| met: \|
13	\| \|
14	\| - Redistributions of source code must retain the above copyright \|
15	\| notice, this list of conditions and the following disclaimer. \|
16	\| \|
17	\| - Redistributions in binary form must reproduce the above copyright \|
18	\| notice, this list of conditions and the following disclaimer in the \|
19	\| documentation and/or other materials provided with the distribution. \|
20	\| \|
21	\| - Neither the name of Kreotek LLC nor the names of its contributore may \|
22	\| be used to endorse or promote products derived from this software \|
23	\| without specific prior written permission. \|
24	\| \|
25	\| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \|
26	\| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT \|
27	\| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A \|
28	\| PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT \|
29	\| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, \|
30	\| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT \|
31	\| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, \|
32	\| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY \|
33	\| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT \|
34	\| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE \|
35	\| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \|
36	\| \|
37	+-------------------------------------------------------------------------+
38	*/
39	class login{
40
41	var $db;
42
43	function login($db){
44
45	$this->db = $db;
46
47	}//end function init
48
49
50	function verify($username, $password){
51
52	$querystatement = "
53	SELECT
54	id,
55	uuid,
56	firstname,
57	lastname,
58	email,
59	phone,
60	department,
61	employeenumber,
62	admin
63	FROM
64	users
65	WHERE
66	login = '".mysql_real_escape_string($username)."'
67	AND password = ENCODE('".mysql_real_escape_string($password)."','".mysql_real_escape_string(ENCRYPTION_SEED)."')
68	AND revoked = 0
69	AND portalaccess = 0";
70
71	$queryresult = $this->db->query($querystatement);
72
73	if($this->db->numRows($queryresult)){
74
75	//We found a record that matches in the database
76	// populate the session and go in
77	$_SESSION["userinfo"] = $this->db->fetchArray($queryresult);
78
79	// Next get the users roles, and populate the session with them
80	$_SESSION["userinfo"]["roles"] = array();
81	$querystatement = "
82	SELECT
83	roleid
84	FROM
85	rolestousers
86	WHERE userid = '".$_SESSION["userinfo"]["uuid"]."'";
87
88	$rolesqueryresult = $this->db->query($querystatement);
89
90	while($rolerecord = $this->db->fetchArray($rolesqueryresult))
91	$_SESSION["userinfo"]["roles"][]=$rolerecord["roleid"];
92
93	//Retrieve and Setup User Preferences
94	$_SESSION["userinfo"]["prefs"] = array();
95
96	$querystatement = "
97	SELECT
98	`name`,
99	`value`
100	FROM
101	`userpreferences`
102	WHERE
103	`userid` = ".$_SESSION["userinfo"]["id"];
104
105	$queryresult = $this->db->query($querystatement);
106
107	while($prefsrecord = $this->db->fetchArray($queryresult))
108	$_SESSION["userinfo"]["prefs"][$prefsrecord["name"]] = $prefsrecord["value"];
109
110	//update lastlogin
111	$ip = $_SERVER["REMOTE_ADDR"];
112
113	$updatestatement = "
114	UPDATE
115	users
116	SET
117	modifieddate = modifieddate,
118	lastlogin = Now(),
119	`lastip` = '".$ip."'
120	WHERE
121	id = ".$_SESSION["userinfo"]["id"];
122
123	$this->db->query($updatestatement);
124
125	$_SESSION["tableparams"] = array();
126
127	goURL(DEFAULT_LOAD_PAGE);
128
129	} else {
130
131	//log login attempt
132	$log = new phpbmsLog("Login attempt failed for user '".$username."'", "SECURITY");
133
134	return "Login Failed";
135
136	}//endif numrows
137
138
139	}//end function verify
140
141	}//end class

Note: See TracBrowser for help on using the browser.

phpBMS

Context Navigation

root/trunk/phpbms/include/login_include.php

Download in other formats: